Manifest
$ rpki-client -vvf rpki.ripe.net/repository/DEFAULT/49/09456e-a71c-43b3-bd40-8ee3d98cad5b/1/zRQ2kCMKRApot6iqmCefL2Xf7ig.mft
File: zRQ2kCMKRApot6iqmCefL2Xf7ig.mft (raw, json)
Hash identifier: 4KeRLsOSIMoKrAOQWRDNpDOmGZAALGzYsFLgYA8L2rM=
Subject key identifier: F5:EC:FE:BB:6C:E3:E8:F4:DB:78:06:08:92:0A:CF:72:9B:9A:9B:1A
Authority key identifier: CD:14:36:90:23:0A:44:0A:68:B7:A8:AA:98:27:9F:2F:65:DF:EE:28
Certificate issuer: /CN=cd143690230a440a68b7a8aa98279f2f65dfee28
Certificate serial: 019A059290847B0652FD62CD6593C068DAD9
Authority info access: rsync://rpki.ripe.net/repository/DEFAULT/zRQ2kCMKRApot6iqmCefL2Xf7ig.cer
Subject info access: rsync://rpki.ripe.net/repository/DEFAULT/49/09456e-a71c-43b3-bd40-8ee3d98cad5b/1/zRQ2kCMKRApot6iqmCefL2Xf7ig.mft
Manifest number: 13E9
Signing time: Tue 21 Oct 2025 07:01:22 +0000
Manifest this update: Tue 21 Oct 2025 07:01:22 +0000
Manifest next update: Wed 22 Oct 2025 07:01:22 +0000
Files and hashes: 1: vHQRV0jRUXExLLAYBdY2ODpzWoo.roa (hash: 7UhAMCr3OjHllJdnfdmjdJInrKVauXU3M4e5nn0fWuA=)
2: zRQ2kCMKRApot6iqmCefL2Xf7ig.crl (hash: m6nkXD25kde1QSmhLg6j5CzOU6GeRSm2ce5K+fXcatE=)
Validation: OK
Signature path: rsync://rpki.ripe.net/repository/DEFAULT/49/09456e-a71c-43b3-bd40-8ee3d98cad5b/1/zRQ2kCMKRApot6iqmCefL2Xf7ig.crl
rsync://rpki.ripe.net/repository/DEFAULT/49/09456e-a71c-43b3-bd40-8ee3d98cad5b/1/zRQ2kCMKRApot6iqmCefL2Xf7ig.mft
rsync://rpki.ripe.net/repository/DEFAULT/zRQ2kCMKRApot6iqmCefL2Xf7ig.cer
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.crl
rsync://rpki.ripe.net/repository/DEFAULT/KpSo3VVK5wEHIJnHC2QHVV3d5mk.mft
rsync://rpki.ripe.net/repository/aca/KpSo3VVK5wEHIJnHC2QHVV3d5mk.cer
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.crl
rsync://rpki.ripe.net/repository/aca/7DNNDzoYvgAht7joQih2Qayxcxo.mft
rsync://rpki.ripe.net/repository/ec334d0f3a18be0021b7b8e842287641acb1731a.cer
rsync://rpki.ripe.net/repository/ripe-ncc-ta.crl
rsync://rpki.ripe.net/repository/ripe-ncc-ta.mft
rsync://rpki.ripe.net/ta/ripe-ncc-ta.cer
Signature path expires: Wed 22 Oct 2025 07:01:22 +0000
Certificate:
Data:
Version: 3 (0x2)
Serial Number:
01:9a:05:92:90:84:7b:06:52:fd:62:cd:65:93:c0:68:da:d9
Signature Algorithm: sha256WithRSAEncryption
Issuer: CN=cd143690230a440a68b7a8aa98279f2f65dfee28
Validity
Not Before: Oct 21 07:01:22 2025 GMT
Not After : Oct 22 07:01:22 2025 GMT
Subject: CN=f5ecfebb6ce3e8f4db780608920acf729b9a9b1a
Subject Public Key Info:
Public Key Algorithm: rsaEncryption
RSA Public-Key: (2048 bit)
Modulus:
00:c6:d9:a0:83:b7:50:bc:22:82:54:e2:28:99:58:
1c:c3:6a:93:ce:78:17:c7:9c:4f:fc:bc:76:96:ba:
d3:41:d7:1f:dd:d9:36:f0:9d:f7:8a:57:7c:8b:2f:
5e:47:c5:47:08:dc:9c:49:6f:9a:22:a4:01:d8:cb:
d5:f9:4d:1b:0e:50:68:dc:d8:b8:0f:be:5c:d0:5c:
65:2c:13:1f:b3:e1:bc:23:8a:9a:74:4b:dd:22:62:
bd:4d:6e:f4:23:ee:c7:0d:21:d9:5f:4f:cd:48:55:
0a:b9:5f:91:dd:4e:56:05:0e:c4:de:9c:8c:4a:c9:
54:4e:a3:a4:b0:5e:e1:48:79:c7:22:ca:df:5c:b9:
ae:9a:36:7e:ce:f8:dd:e1:f0:af:dd:2f:37:92:3a:
8a:1c:e7:26:d9:11:49:0e:7f:0c:c9:2a:38:e6:52:
1c:95:95:1a:d4:7a:a4:08:df:32:97:c2:57:8e:a4:
42:7d:38:37:0d:88:e4:0f:ec:d1:30:19:f8:da:d2:
fb:65:63:52:f1:87:40:18:3e:9d:46:b0:44:a9:be:
ab:66:60:a5:0b:b9:7a:19:8e:03:94:94:68:36:a6:
32:fa:3a:67:a0:47:02:3e:d5:ff:ad:a3:af:5b:4b:
5c:f6:90:36:a3:69:6d:7a:8c:52:82:38:02:58:cf:
3b:d5
Exponent: 65537 (0x10001)
X509v3 extensions:
X509v3 Subject Key Identifier:
F5:EC:FE:BB:6C:E3:E8:F4:DB:78:06:08:92:0A:CF:72:9B:9A:9B:1A
X509v3 Authority Key Identifier:
keyid:CD:14:36:90:23:0A:44:0A:68:B7:A8:AA:98:27:9F:2F:65:DF:EE:28
X509v3 Key Usage: critical
Digital Signature
Authority Information Access:
CA Issuers - URI:rsync://rpki.ripe.net/repository/DEFAULT/zRQ2kCMKRApot6iqmCefL2Xf7ig.cer
Subject Information Access:
Signed Object - URI:rsync://rpki.ripe.net/repository/DEFAULT/49/09456e-a71c-43b3-bd40-8ee3d98cad5b/1/zRQ2kCMKRApot6iqmCefL2Xf7ig.mft
X509v3 CRL Distribution Points:
Full Name:
URI:rsync://rpki.ripe.net/repository/DEFAULT/49/09456e-a71c-43b3-bd40-8ee3d98cad5b/1/zRQ2kCMKRApot6iqmCefL2Xf7ig.crl
X509v3 Certificate Policies: critical
Policy: ipAddr-asNumber
sbgp-ipAddrBlock: critical
IPv4: inherit
IPv6: inherit
sbgp-autonomousSysNum: critical
Autonomous System Numbers:
inherit
Signature Algorithm: sha256WithRSAEncryption
7d:33:13:09:2e:48:eb:cd:45:2b:23:b1:b3:3a:ae:01:04:0f:
f6:3b:be:f9:a6:69:d4:1e:52:d7:74:bd:0f:e7:46:34:3c:71:
46:aa:25:25:ec:c0:5e:71:d2:93:54:dd:32:57:c9:2d:2b:14:
8b:28:c1:7e:44:52:fa:c6:a7:46:c3:31:c1:f8:6b:64:65:bf:
c3:ce:98:2c:ae:10:65:28:8e:7b:52:0a:23:58:d8:12:f2:9e:
b8:36:d6:d2:b4:cb:70:06:ed:e0:6f:67:84:5d:d8:0c:70:70:
fb:21:04:9a:b4:34:c2:25:ef:6b:7a:4e:db:4b:fc:75:86:d4:
0a:38:57:a2:1e:fa:fe:24:85:61:3d:22:85:d9:07:d7:dc:da:
9d:db:4f:c2:20:f5:15:07:a0:d4:64:99:61:7f:5e:96:e7:de:
08:10:e4:d6:f0:22:17:e9:93:93:39:9c:c6:1b:1f:25:e0:85:
03:4b:76:6f:6b:c6:73:9f:b4:87:6a:f8:7d:4f:51:e3:74:bb:
64:d0:f5:2c:cb:88:85:55:c3:7b:80:41:98:cd:31:e9:2e:0a:
80:63:86:7b:ba:4c:8b:ed:fc:c9:a3:60:88:cd:b6:b9:ba:58:
15:6f:10:5c:af:86:72:e1:bd:bb:4a:c0:83:8b:bc:a5:e6:df:
a6:03:13:96
-----BEGIN CERTIFICATE-----
MIIFFjCCA/6gAwIBAgISAZoFkpCEewZS/WLNZZPAaNrZMA0GCSqGSIb3DQEBCwUA
MDMxMTAvBgNVBAMTKGNkMTQzNjkwMjMwYTQ0MGE2OGI3YThhYTk4Mjc5ZjJmNjVk
ZmVlMjgwHhcNMjUxMDIxMDcwMTIyWhcNMjUxMDIyMDcwMTIyWjAzMTEwLwYDVQQD
EyhmNWVjZmViYjZjZTNlOGY0ZGI3ODA2MDg5MjBhY2Y3MjliOWE5YjFhMIIBIjAN
BgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAxtmgg7dQvCKCVOIomVgcw2qTzngX
x5xP/Lx2lrrTQdcf3dk28J33ild8iy9eR8VHCNycSW+aIqQB2MvV+U0bDlBo3Ni4
D75c0FxlLBMfs+G8I4qadEvdImK9TW70I+7HDSHZX0/NSFUKuV+R3U5WBQ7E3pyM
SslUTqOksF7hSHnHIsrfXLmumjZ+zvjd4fCv3S83kjqKHOcm2RFJDn8MySo45lIc
lZUa1HqkCN8yl8JXjqRCfTg3DYjkD+zRMBn42tL7ZWNS8YdAGD6dRrBEqb6rZmCl
C7l6GY4DlJRoNqYy+jpnoEcCPtX/raOvW0tc9pA2o2lteoxSgjgCWM871QIDAQAB
o4ICIjCCAh4wHQYDVR0OBBYEFPXs/rts4+j023gGCJIKz3KbmpsaMB8GA1UdIwQY
MBaAFM0UNpAjCkQKaLeoqpgnny9l3+4oMA4GA1UdDwEB/wQEAwIHgDBkBggrBgEF
BQcBAQRYMFYwVAYIKwYBBQUHMAKGSHJzeW5jOi8vcnBraS5yaXBlLm5ldC9yZXBv
c2l0b3J5L0RFRkFVTFQvelJRMmtDTUtSQXBvdDZpcW1DZWZMMlhmN2lnLmNlcjCB
jQYIKwYBBQUHAQsEgYAwfjB8BggrBgEFBQcwC4ZwcnN5bmM6Ly9ycGtpLnJpcGUu
bmV0L3JlcG9zaXRvcnkvREVGQVVMVC80OS8wOTQ1NmUtYTcxYy00M2IzLWJkNDAt
OGVlM2Q5OGNhZDViLzEvelJRMmtDTUtSQXBvdDZpcW1DZWZMMlhmN2lnLm1mdDCB
gQYDVR0fBHoweDB2oHSgcoZwcnN5bmM6Ly9ycGtpLnJpcGUubmV0L3JlcG9zaXRv
cnkvREVGQVVMVC80OS8wOTQ1NmUtYTcxYy00M2IzLWJkNDAtOGVlM2Q5OGNhZDVi
LzEvelJRMmtDTUtSQXBvdDZpcW1DZWZMMlhmN2lnLmNybDAYBgNVHSABAf8EDjAM
MAoGCCsGAQUFBw4CMCEGCCsGAQUFBwEHAQH/BBIwEDAGBAIAAQUAMAYEAgACBQAw
FQYIKwYBBQUHAQgBAf8EBjAEoAIFADANBgkqhkiG9w0BAQsFAAOCAQEAfTMTCS5I
681FKyOxszquAQQP9ju++aZp1B5S13S9D+dGNDxxRqolJezAXnHSk1TdMlfJLSsU
iyjBfkRS+sanRsMxwfhrZGW/w86YLK4QZSiOe1IKI1jYEvKeuDbW0rTLcAbt4G9n
hF3YDHBw+yEEmrQ0wiXva3pO20v8dYbUCjhXoh76/iSFYT0ihdkH19zandtPwiD1
FQeg1GSZYX9elufeCBDk1vAiF+mTkzmcxhsfJeCFA0t2b2vGc5+0h2r4fU9R43S7
ZND1LMuIhVXDe4BBmM0x6S4KgGOGe7pMi+38yaNgiM22ubpYFW8QXK+GcuG9u0rA
g4u8pebfpgMTlg==
-----END CERTIFICATE-----
Generated at Tue Oct 21 18:13:33 2025 by rpki-client